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DETAILED ACTION 

1 . This office action is in response to Applicant's amendment filed on March 30, 
2005. Claims 1-7, 9-17 and 20 have been amended. Claims 1-21 are pending. 

Claim Rejections -35 USC §112 

2. The rejection of claims 14-16 rejected under 35 U.S.C. 112, second paragraph 
for being indefinite is withdrawn. 

Claim Rejections - 35 USC § 101 

3. The Applicant argues claim 10 is not directed to non-statutory subject matter. 
The Examiner disagrees and maintains the rejection. Claim 10 recites "computer 
executable code transmitted as information signal". The claim recites a software code 
without any structural element. Therefore, claim 10, is directed to a non-statutory 
subject matter. 

Response to Arguments 

4. Applicant's arguments, see Remarks, filed March 30, 2005, have been 
considered but are not persuasive. In response to the arguments concerning the 
previously rejected claims, the following comments are made: 

In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., that grants session credentials) are not recited in the rejected claim(s). Although 
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the claims are interpreted in light of the specification, limitations from the specification 
are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 
(Fed. Cir. 1993). 

The Applicant argues the combination of Gupta and Makower does not 
disclose or suggest determining that a client does not have a valid session credential 
granted by a first system or a second system; sending, from the first system to the 
client, a log in page; receiving, at the first system from the client, log in information; 
sending, from the first system to the second system, the log in information; and 
receiving, at the first system from the second system, information corresponding to a 
session credential granted by the second system, the session credential granted by the 
second system based at least in part on the log in information. The Examiner disagrees 
and maintains the rejections. Gupta teaches a server that checks if a request has an 
active valid session and redirects the user to the login server. (Col. 7, lines 2-3 and lines 
5-6). Gupta also discloses a login server that authenticates and redirects the user back 
to the application server in which a user request is processed. (Col. 7, lines 10-14) 
Makower discloses prompting a client with a login page and receiving a client browser 
that provides authentication information. (Page 4, paragraph 32) As to the amendment a 
first system and a second system " that grants session credentials " does not render 
claims 1 , 9-13, 17 and 20 patentably distinct over the prior art because Makower further 
discloses a group of servers in which users are allowed to authenticate themselves with 
any one of the group of servers. (Abstract; Page 1, paragraph 10; Page 3, paragraph 
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20) which is adequate support for a first and second system that grants session 
credentials. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

6. Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gupta et al. (hereinafter Gupta) United States Letter Patent Number 6,226,752 further in 
view of Makower et al. (hereinafter Makower) United States Publication Number 
2002/0184507. 
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As per claims 1,10 and 1 1 : 

Gupta teaches a method for validating credentials comprising: 

determining, at a first system, that a client does not have a valid session 
credential for the first system; (Col. 7, lines 2-3; Col. 1 1 , lines 46-49 and lines 65-66) 

retrieving, at the first system, information from a session token held by the client, 
the information corresponding to a possible session credential for a second system; 
(Col. 7, lines 3-4; Col. 11, lines 66-67 and Col. 12, lines 1-6) 

presenting at least some of the information from the session token to the second 
system; (Col. 7, lines 5-6; Col. 12, lines 13-23) and 

determining whether the client has a valid session credential with the second 
system. (Col. 7, lines 6-9; Col. 12, lines 25-30) 

Gupta does not explicitly disclose a first and second system that grants a session 
credential. 

Makower discloses a first and second. system that grants a session credential. 
(Abstract; Page 1, paragraph 10; Page 3, paragraph 20; Users authenticate themselves 
with any one of a group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising a first and second system that grants a session credential. This 
modification would have been obvious because a person having ordinary skill in the art 
would have been motivated to do so, as suggested by, Makower (Page 1, paragraph 8) 
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in order to protect confidential information and reduce inconvenience for the user/client 
in having to remember different authorizations for different servers. 
As per claims 2 and 14: 

The combination of Gupta and Makower teaches a method comprising granting a 
session. credential to the client by the first system, after determining that the client has a 
valid session credential granted by the second system. (Col. 7, lines 10-12; Col. 12, 
lines 48-49 of Gupta) 
As per claims 3: 

The combination of Gupta and Makower teaches a method comprising sending a 
session token to the client, the token corresponding to a session credential granted by 
the first system. (Col. 12, lines 52-53 of Gupta) 
As per claim 4: 

The combination of Gupta and Makower teaches a method comprising directing 
the client to the second system to establish a session credential, after determining that 
the client does not have a valid session credential granted by the second system. (Col. 
12, lines 54-60 of Gupta) 
As per claim 5: 

The combination of Gupta and Makower teaches a method comprising directing 
the client to the first system to establish a session credential, after determining that the 
client does not have a valid session credential granted by the second system. (Page 4, 
paragraph 31 of Makower) 
As per claim 6: 
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The combination of Gupta and Makower teaches a method comprising 
maintaining the client session credential granted by the second system. (Col. 12, lines 
54-60; Col. 13, lines 24-26 of Gupta) 
As per claim 7: 

The combination of Gupta and Makower teaches a method wherein determining 
whether the client has a valid credential with the second system is at least partially from 
presenting at least some of the information from the session token. (Col. 12, lines 66-67 
and Col. 13, lines 1-5 of Gupta) 
As per claim 8: 

The combination of Gupta and Makower teaches a method wherein retrieving 
information from the session token held by the client comprises: sending a query to the 
client from the first system, the query including identification as originating from a 
domain name corresponding to the second system; and receiving a response to the 
query. (Col. 12, lines 48-61 of Gupta) 
As per claim 9: 

Gupta teaches a method for validating session credentials of a client comprising: 
determining, at a first system, that a client does not have a valid session 
credential for the first system; (Col. 7, lines 2-3; Col. 11, lines 46-49 and lines 65-66) 

retrieving, at the first system, information from a session token held by the client, 
the information corresponding to a session credential for a second system, wherein 
retrieving information from the session token held by the client comprises receiving a 
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session token from the client corresponding to the second system; (Col. 7, lines 3-4; 
Col. 11, lines 66-67 and Col. 12, lines 1-6) 

presenting at least some of the information from the session token to the second 
system; (Col. 7, lines 5-6; Col. 12, lines 13-23) 

determining whether the client has a valid session credential with the second 
system, wherein determining whether the client has a valid credential with the second 
system is at least partially from presenting information from the session token; (Col. 7, 
lines 6-9; Col. 12, lines 25-30) 

granting a session credential to the client on the first system, after determining 
that the client has a valid session credential for the second system; (Col. 7, lines 10-12; 
Col. 12, lines 48-49) 

sending a session token to the client, the token corresponding to the session 
credential on the first system; (Col. 12, lines 52-53) and 

maintaining the client session credentials. (Col. 12, lines 54-60; Col. 13, lines 24- 

26) 

Gupta does not explicitly disclose a first and second system that grants a session 
credential. 

Makower discloses a first and second system that grants a session credential. 
(Abstract; Page 1, paragraph 10; Page 3, paragraph 20; Users authenticate themselves 
with any one of a group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
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a method comprising a first and second system that grants a session credential. This 
modification would have been obvious because a person having ordinary skill in the art 
would have been motivated to do so, as suggested by, Makower (Page 1, paragraph 8) 
in order to protect confidential information and reduce inconvenience for the user/client 
in having to remember different authorizations for different servers. 
As per claim 12: 

Gupta teaches a programmed computer for validating credentials, comprising: 
a memory having at least one region for storing computer executable program 

code; (Figure 1, item 115; Col. 7, lines 50-67 and Col. 8, lines 1-20) and 

a processor for executing the program code stored in the memory, (Figure 1 , 

item 113; Col. 7, lines 50-67 and Col. 8, lines 1-20) wherein the program code 

comprises: 

code to determine, at a first system, that a client does not have a valid session 
credential for the first system; (Col. 7, lines 2-3; Col. 1 1 , lines 46-49 and lines 65-66) 

code to retrieve, at the first system, information from a session token held by the 
client, the information corresponding to a possible session credential for a second 
system; (Col. 7, lines 3-4; Col. 11, lines 66-67 and Col. 12, lines 1-6) 

code to present at least some of the information from the session token to the 
second system; (Col. 7, lines 5-6; Col. 12, lines 13-23) and 

code to determine whether the client has a valid session credential with the 
second system. (Col. 7, lines 6-9; Col. 12, lines 25-30) 
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Gupta does not explicitly disclose a first and second system that grants a session 
credential. 

Makower discloses a first and second system that grants a session credential. 
(Abstract; Page 1, paragraph 10; Page 3, paragraph 20; Users authenticate themselves 
with any one of a group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising a first and second system that grants a session credential. This 
modification would have been obvious because a person having ordinary skill in the art 
would have been motivated to do so, as suggested by, Makower (Page 1 , paragraph 8) 
in order to protect confidential information and reduce inconvenience for the user/client 
in having to remember different authorizations for different servers. 
As per claim 13: 

Gupta teaches a method for establishing session credentials comprising: 

determining that a client does not have a valid session credential for a first 
system or a second system; (Col. 7, lines 2-3; Col. 1 1 , lines 46-49 and lines 65-66) 

sending, from the first system to the second system, the log in information; (Col. 
7, lines 5-6; Col. 12, lines 13-23) and 

receiving, at the first system from the second system, information corresponding 
to a session credential for the second system, the session credential granted by the 
second system based at least in part on the log in information. (Col. 7, lines 10-12; Col. 
12, lines 48-49) 
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Gupta does not explicitly disclose a method comprising sending, from the first 
system to the client, a log in page; and receiving, at the first system from the client, log 
in information; and a first and second system that grants a session credential. 

Makower in analogous art, however, disclose a method comprising: 

sending, from the first system to the client, a log in page; (Page 4, paragraph 32; 
...web server prompts the client browser with a log in page ...) 

receiving, at the first system from the client, log in information; (Page 4, 
paragraph 32; the client browser provides authentication information...) 

a first and second system that grants a session credential. (Abstract; Page 1, 
paragraph 10; Page 3, paragraph 20; Users authenticate themselves with any one of a 
group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising sending, from the first system to the client, a log in page; 
receiving, at the first system from the client, log in information; and a first and second 
system that grants a session credential. This modification would have been obvious 
because a person having ordinary skill in the art would have been motivated to do so, 
as suggested by, Makower (Page 1 , paragraph 8) in order to protect confidential 
information and reduce inconvenience for the user/client in having to remember different 
authorizations for different servers. 
As per claims 15 and 18: 
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The combination of Gupta and Makower teaches a method granting a session 
credential for the second system. (Col. 12, lines 66-67 and Col. 13, lines 1-5 of Gupta) 
As per claims 16 and 19: 

The combination of Gupta and Makower teaches a method comprising 
associating session credentials for the first system and the second system with the 
client. (Col. 12, lines 54-60; Col. 13, lines 24-26 of Gupta) 
As per claim 17: 

Gupta teaches a method for establishing session credentials comprising: 
determining that a client does not have a valid session credential for a first 
system or a second system; (Col. 7, lines 2-3; Col. 1 1 , lines 46-49 and lines 65-66) 
sending, from the second system to the client, a log in page; (Col. 12, lines 24- 

32) 

receiving, at the second system from the client, log in information; (Col. 12, lines 
24-32) and 

sending, from the second system to the first system, information corresponding 
to a session credential for the second system, the session credential granted by the 
second system based at least in part on the log in information; (Col. 7, lines 6-9; Col. 
12, lines 25-30) and 

granting a session credential for the first system. (Col. 7, lines 10-12; Col. 12, 
lines 48-49) 

Gupta does not explicitly disclose a first and second system that grants a session 
credential. 
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Makower discloses a first and second system that grants a session credential. 
(Abstract; Page 1, paragraph 10; Page 3, paragraph 20; Users authenticate themselves 
with any one of a group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising a first and second system that grants a session credential. This 
modification would have been obvious because a . person having ordinary skill in the art 
would have been motivated to do so, as suggested by, Makower (Page 1, paragraph 8) 
in order to protect confidential information and reduce inconvenience for the user/client 
in having to remember different authorizations for different servers. 
As per claim 20: 

Gupta teaches a method for validating credentials comprising: 

determining, at a first system, that a client does not have a valid session 
credential for the first system; (Col. 7, lines 2-3; Col. 11, lines 46-49 and lines 65-66) 

redirecting the client to a second system; (Col. 7, lines 5-6; Col. 12, lines 13-23) 

sending, from the second system to the first system, session credentials for the 
second system; (Col. 7, lines 6-9; Col. 12, lines 25-30) 

sending, from the second system to the first system, information indicating that 
the session credentials for the second system are valid. (Col. 7, lines 6-9; Col. 12, lines 
25-30) 

sending, from the first system to the second system, the session credentials for 
the second system; (Col. 7, lines 10-12; Col. 12, lines 48-49) 



Application/Control Number: 10/026,403 Page 14 

Art Unit: 2133 

determining, at the second system, that the session credentials for the second 
system, received from the first system, are valid; (Col. 13, lines 1-5) 

Gupta does not explicitly disclose a first and second system that grants a session 
credential. 

Makower discloses a first and second system that grants a session credential. 
(Abstract; Page 1, paragraph 10; Page 3, paragraph 20; Users authenticate themselves 
with any one of a group of federated servers) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method disclosed by Gupta to include 
a method comprising a first and second system that grants a session credential. This 
modification would have been obvious because a person having ordinary skill in the art 
would have been motivated to do so, as suggested by, Makower (Page 1, paragraph 8) 
in order to protect confidential information and reduce inconvenience for the user/client 
in having to remember different authorizations for different servers. 
As per claim 21: 

The combination of Gupta and Makower teaches a method comprising granting 
the client session credentials for the first system. (Col. 7, lines 10-12; CoL 12, lines 48- 
49 of Gupta) 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
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§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shewaye Gelagay whose telephone number is 571-272- 
4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert Decady can be reached on 571-272-3819. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free). 
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Examiner 
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